Vulnerabilities > Redhat > Enterprise Linux Server TUS

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2023-6356 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
redhat linux debian CWE-476
7.5
7.5
2024-02-07 CVE-2023-6535 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
linux redhat CWE-476
7.5
7.5
2024-02-07 CVE-2023-6536 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
linux redhat debian CWE-476
7.5
7.5
2024-01-10 CVE-2023-5455 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA.
network
low complexity
freeipa fedoraproject redhat CWE-352
6.5
6.5
2023-12-10 CVE-2023-5868 A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments.
network
low complexity
postgresql redhat
4.3
4.3
2023-12-10 CVE-2023-5869 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification.
network
low complexity
postgresql redhat CWE-190
8.8
8.8
2023-12-10 CVE-2023-5870 A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher.
network
high complexity
postgresql redhat
4.4
4.4
2023-11-03 CVE-2023-1476 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code.
local
high complexity
linux redhat CWE-416
7.0
7.0
2023-11-03 CVE-2023-46846 HTTP Request Smuggling vulnerability in multiple products
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
network
low complexity
squid-cache redhat CWE-444
5.3
5.3
2023-11-03 CVE-2023-46847 Classic Buffer Overflow vulnerability in multiple products
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
network
low complexity
squid-cache redhat CWE-120
7.5
7.5